Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Slackware-14.2 ChangeLog (2021-05-25) ====== ====== Tue May 25 18:01:05 UTC 2021 ====== ===== Packages ===== ==== Upgraded ==== * [[slackware.14.2>patches/packages/gnutls-3.6.16-i586-1_slack14.2.txz]] \\ Fixed potential miscalculation of ECDSA/EdDSA code backported from Nettle. \\ In GnuTLS, as long as it is built and linked against the fixed version of \\ Nettle, this only affects GOST curves. [CVE-2021-20305] \\ Fixed potential use-after-free in sending "key_share" and "pre_shared_key" \\ extensions. When sending those extensions, the client may dereference a \\ pointer no longer valid after realloc. This happens only when the client \\ sends a large Client Hello message, e.g., when HRR is sent in a resumed \\ session previously negotiated large FFDHE parameters, because the initial \\ allocation of the buffer is large enough without having to call realloc \\ (#1151). [GNUTLS-SA-2021-03-10, CVSS: low] \\ For more information, see: \\ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305 \\ (* Security fix *) {{tag>slackware changelog slackware-14.2 2021-05}} news/2021/05/25/slackware-14.2-changelog.txt Last modified: 3 years agoby Giuseppe Di Terlizzi Log In